The problem can be corrected by upgrading the affected package to version 5.8.4-2ubuntu0.4. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Paul Szabo discovered another vulnerability in the rmtree() function in File::Path.pm. While a process running as root (or another user) was busy deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write permissions in any subdirectory of that tree.